CISA - Protection of Information Assets - Section 5.2
Assess security testing and monitoring tools and techniques, incident response management, and evidence collection and forensics.
Compare security testing tools and security monitoring techniques - including vulnerability scanning, penetration testing and SIEM-based alerting - and explain when each is appropriate. Evaluate incident response management processes and the evidence collection and digital forensics practices that preserve chain of custody for investigation and legal proceedings.
security testing toolssecurity monitoringincident responseevidence collectiondigital forensics
More in this domain
Back to all Protection of Information Assets objectives, or the CISA cert hub.
Examworthy is not affiliated with or endorsed by ISACA. Original, blueprint-aligned practice material only.